Warning: Permanently added '[localhost]:49500' (ED25519) to the list of known hosts.
2025/07/19 21:38:08 ignoring optional flag "sandboxArg"="0"
2025/07/19 21:38:09 parsed 1 programs
[ 81.336309][ T837] cfg80211: failed to load regulatory.db
[ 83.187179][ T40] audit: type=1400 audit(1752961092.087:117): avc: denied { unlink } for pid=6240 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 84.301378][ T6240] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 86.024627][ T40] audit: type=1401 audit(1752961094.917:118): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 86.234878][ T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 86.238106][ T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 86.240820][ T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 86.243945][ T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 86.248650][ T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 86.993420][ T6308] chnl_net:caif_netlink_parms(): no params data found
[ 87.119300][ T6308] bridge0: port 1(bridge_slave_0) entered blocking state
[ 87.121957][ T6308] bridge0: port 1(bridge_slave_0) entered disabled state
[ 87.124204][ T6308] bridge_slave_0: entered allmulticast mode
[ 87.127360][ T6308] bridge_slave_0: entered promiscuous mode
[ 87.130340][ T6308] bridge0: port 2(bridge_slave_1) entered blocking state
[ 87.132547][ T6308] bridge0: port 2(bridge_slave_1) entered disabled state
[ 87.134844][ T6308] bridge_slave_1: entered allmulticast mode
[ 87.138527][ T6308] bridge_slave_1: entered promiscuous mode
[ 87.186444][ T6308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 87.190862][ T6308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 87.220835][ T6308] team0: Port device team_slave_0 added
[ 87.223995][ T6308] team0: Port device team_slave_1 added
[ 87.281769][ T6308] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 87.284660][ T6308] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 87.295084][ T6308] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 87.301568][ T6308] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 87.304451][ T6308] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 87.315108][ T6308] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 87.371284][ T6308] hsr_slave_0: entered promiscuous mode
[ 87.373468][ T6308] hsr_slave_1: entered promiscuous mode
[ 87.992570][ T6308] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 87.998516][ T6308] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 88.004643][ T6308] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 88.009091][ T6308] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 88.053084][ T6308] 8021q: adding VLAN 0 to HW filter on device bond0
[ 88.067690][ T6308] 8021q: adding VLAN 0 to HW filter on device team0
[ 88.075403][ T1187] bridge0: port 1(bridge_slave_0) entered blocking state
[ 88.078316][ T1187] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 88.088093][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 88.091048][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 88.244463][ T6308] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 88.274113][ T6308] veth0_vlan: entered promiscuous mode
[ 88.287484][ T6308] veth1_vlan: entered promiscuous mode
[ 88.308653][ T6308] veth0_macvtap: entered promiscuous mode
[ 88.317544][ T6308] veth1_macvtap: entered promiscuous mode
[ 88.326155][ T6308] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 88.334529][ T6308] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 88.341810][ T6308] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.345678][ T6308] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.349274][ T6308] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.351915][ T6308] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 88.432099][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 88.528638][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 88.573575][ T1187] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 88.578455][ T1187] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 88.598043][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 88.600996][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 88.626465][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 88.725784][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/07/19 21:38:18 executed programs: 0
[ 89.501739][ T5314] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 89.508322][ T5314] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 89.511564][ T5314] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 89.515577][ T5314] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 89.519005][ T5314] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 89.618194][ T6442] chnl_net:caif_netlink_parms(): no params data found
[ 89.724435][ T6442] bridge0: port 1(bridge_slave_0) entered blocking state
[ 89.728036][ T6442] bridge0: port 1(bridge_slave_0) entered disabled state
[ 89.731049][ T6442] bridge_slave_0: entered allmulticast mode
[ 89.736026][ T6442] bridge_slave_0: entered promiscuous mode
[ 89.743241][ T6442] bridge0: port 2(bridge_slave_1) entered blocking state
[ 89.749196][ T6442] bridge0: port 2(bridge_slave_1) entered disabled state
[ 89.752304][ T6442] bridge_slave_1: entered allmulticast mode
[ 89.757095][ T6442] bridge_slave_1: entered promiscuous mode
[ 89.789801][ T6442] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 89.795626][ T6442] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 89.851557][ T6442] team0: Port device team_slave_0 added
[ 89.857033][ T6442] team0: Port device team_slave_1 added
[ 89.884373][ T6442] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 89.886633][ T6442] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 89.894459][ T6442] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 89.898847][ T6442] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 89.900986][ T6442] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 89.908970][ T6442] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 89.946259][ T6442] hsr_slave_0: entered promiscuous mode
[ 89.948481][ T6442] hsr_slave_1: entered promiscuous mode
[ 89.950482][ T6442] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 89.952706][ T6442] Cannot create hsr debugfs directory
[ 91.585279][ T5314] Bluetooth: hci0: command tx timeout
[ 91.933031][ T12] bridge_slave_1: left allmulticast mode
[ 91.935950][ T12] bridge_slave_1: left promiscuous mode
[ 91.938563][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 91.944112][ T12] bridge_slave_0: left allmulticast mode
[ 91.946932][ T12] bridge_slave_0: left promiscuous mode
[ 91.949434][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 92.197954][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 92.203275][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 92.208354][ T12] bond0 (unregistering): Released all slaves
[ 92.365623][ T12] hsr_slave_0: left promiscuous mode
[ 92.368515][ T12] hsr_slave_1: left promiscuous mode
[ 92.370549][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 92.372874][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 92.375974][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 92.378320][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 92.389547][ T12] veth1_macvtap: left promiscuous mode
[ 92.391344][ T12] veth0_macvtap: left promiscuous mode
[ 92.393175][ T12] veth1_vlan: left promiscuous mode
[ 92.394883][ T12] veth0_vlan: left promiscuous mode
[ 92.761949][ T12] team0 (unregistering): Port device team_slave_1 removed
[ 92.801616][ T12] team0 (unregistering): Port device team_slave_0 removed
[ 93.390710][ T6442] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 93.395546][ T6442] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 93.399891][ T6442] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 93.413796][ T6442] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 93.463259][ T6442] 8021q: adding VLAN 0 to HW filter on device bond0
[ 93.475629][ T6442] 8021q: adding VLAN 0 to HW filter on device team0
[ 93.482541][ T1191] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.485629][ T1191] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 93.492440][ T76] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.495100][ T76] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 93.610917][ T6442] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 93.639131][ T6442] veth0_vlan: entered promiscuous mode
[ 93.655147][ T5314] Bluetooth: hci0: command tx timeout
[ 93.773309][ T6442] veth1_vlan: entered promiscuous mode
[ 93.796379][ T6442] veth0_macvtap: entered promiscuous mode
[ 93.801991][ T6442] veth1_macvtap: entered promiscuous mode
[ 93.822311][ T6442] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 93.833680][ T6442] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 93.841021][ T6442] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 93.844577][ T6442] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 93.850513][ T6442] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 93.854166][ T6442] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 93.925716][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 93.928806][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 93.944513][ T1041] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 93.947124][ T1041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 93.971241][ T40] audit: type=1400 audit(1752961102.867:119): avc: denied { prog_load } for pid=6541 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 93.977608][ T40] audit: type=1400 audit(1752961102.867:120): avc: denied { bpf } for pid=6541 comm="syz.0.16" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 93.985885][ T40] audit: type=1400 audit(1752961102.867:121): avc: denied { perfmon } for pid=6541 comm="syz.0.16" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 93.988583][ T6542] BUG: Bad page state in process syz.0.16 pfn:2abe1
[ 93.992508][ T40] audit: type=1400 audit(1752961102.867:122): avc: denied { prog_run } for pid=6541 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 93.995231][ T6542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2abe1
[ 94.000938][ T40] audit: type=1400 audit(1752961102.897:123): avc: denied { read } for pid=5346 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 94.003145][ T6542] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 94.003162][ T6542] raw: 00fff00000000000 dead000000000040 ffff888021b9b000 0000000000000000
[ 94.013243][ T40] audit: type=1400 audit(1752961102.907:124): avc: denied { search } for pid=5346 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 94.015891][ T6542] raw: 0000000000000000 3fffffffffffffff 00000000ffffffff 0000000000000000
[ 94.015903][ T6542] page dumped because: page_pool leak
[ 94.015912][ T6542] page_owner tracks the page as allocated
[ 94.015921][ T6542] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6542, tgid 6541 (syz.0.16), ts 93988519517, free_ts 93617238924
[ 94.019552][ T40] audit: type=1400 audit(1752961102.907:125): avc: denied { search } for pid=5346 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 94.026060][ T6542] post_alloc_hook+0x1c0/0x230
[ 94.029644][ T40] audit: type=1400 audit(1752961102.907:126): avc: denied { add_name } for pid=5346 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 94.031300][ T6542] get_page_from_freelist+0x1321/0x3890
[ 94.033677][ T40] audit: type=1400 audit(1752961102.907:127): avc: denied { create } for pid=5346 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 94.038794][ T6542] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 94.038814][ T6542] alloc_pages_bulk_noprof+0x71c/0x1410
[ 94.038830][ T6542] __page_pool_alloc_pages_slow+0x193/0xc30
[ 94.047571][ T40] audit: type=1400 audit(1752961102.907:128): avc: denied { append open } for pid=5346 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 94.048894][ T6542] page_pool_alloc_netmems+0xc4/0x190
[ 94.079477][ T6542] page_pool_alloc_frag_netmem+0x219/0x9c0
[ 94.081316][ T6542] skb_pp_cow_data+0x584/0xff0
[ 94.082824][ T6542] skb_cow_data_for_xdp+0x88/0xb0
[ 94.084392][ T6542] do_xdp_generic+0x530/0x1320
[ 94.085988][ T6542] tun_get_user+0x1bc6/0x3b80
[ 94.087480][ T6542] tun_chr_write_iter+0xdc/0x210
[ 94.089161][ T6542] vfs_write+0x6c4/0x1150
[ 94.090537][ T6542] ksys_write+0x12a/0x250
[ 94.091954][ T6542] do_syscall_64+0xcd/0x4c0
[ 94.093428][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.095356][ T6542] page last free pid 28 tgid 28 stack trace:
[ 94.097224][ T6542] __free_frozen_pages+0x7fe/0x1180
[ 94.098855][ T6542] tlb_remove_table_rcu+0x116/0x1a0
[ 94.100477][ T6542] rcu_core+0x799/0x14e0
[ 94.101811][ T6542] handle_softirqs+0x219/0x8e0
[ 94.103326][ T6542] run_ksoftirqd+0x3a/0x60
[ 94.104742][ T6542] smpboot_thread_fn+0x3f7/0xae0
[ 94.106386][ T6542] kthread+0x3c5/0x780
[ 94.107675][ T6542] ret_from_fork+0x5d4/0x6f0
[ 94.109168][ T6542] ret_from_fork_asm+0x1a/0x30
[ 94.110685][ T6542] Modules linked in:
[ 94.111918][ T6542] CPU: 1 UID: 0 PID: 6542 Comm: syz.0.16 Not tainted 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(full)
[ 94.111933][ T6542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 94.111939][ T6542] Call Trace:
[ 94.111944][ T6542]
[ 94.111948][ T6542] dump_stack_lvl+0x16c/0x1f0
[ 94.111969][ T6542] bad_page+0xcf/0x220
[ 94.111980][ T6542] ? __pfx_bad_page+0x10/0x10
[ 94.111991][ T6542] ? page_bad_reason+0x9d/0x1f0
[ 94.112002][ T6542] __free_frozen_pages+0x824/0x1180
[ 94.112018][ T6542] ? mark_held_locks+0x49/0x80
[ 94.112029][ T6542] page_frag_free+0x27f/0x2e0
[ 94.112040][ T6542] __xdp_return+0x38e/0xa90
[ 94.112053][ T6542] ? kmem_cache_free+0x2d1/0x4d0
[ 94.112069][ T6542] bpf_xdp_adjust_tail+0xa11/0xfd0
[ 94.112088][ T6542] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 94.112098][ T6542] bpf_prog_run_generic_xdp+0x626/0x1530
[ 94.112120][ T6542] do_xdp_generic+0x8e6/0x1320
[ 94.112137][ T6542] ? __pfx_do_xdp_generic+0x10/0x10
[ 94.112155][ T6542] ? virtio_net_hdr_to_skb+0x57c/0x1410
[ 94.112175][ T6542] tun_get_user+0x1bc6/0x3b80
[ 94.112192][ T6542] ? __pfx_tun_get_user+0x10/0x10
[ 94.112203][ T6542] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 94.112218][ T6542] ? find_held_lock+0x2b/0x80
[ 94.112231][ T6542] ? tun_get+0x191/0x370
[ 94.112244][ T6542] tun_chr_write_iter+0xdc/0x210
[ 94.112260][ T6542] vfs_write+0x6c4/0x1150
[ 94.112277][ T6542] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 94.112290][ T6542] ? __pfx_vfs_write+0x10/0x10
[ 94.112304][ T6542] ? find_held_lock+0x2b/0x80
[ 94.112325][ T6542] ksys_write+0x12a/0x250
[ 94.112340][ T6542] ? __pfx_ksys_write+0x10/0x10
[ 94.112359][ T6542] do_syscall_64+0xcd/0x4c0
[ 94.112371][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.112382][ T6542] RIP: 0033:0x7f475038bc1f
[ 94.112391][ T6542] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 94.112401][ T6542] RSP: 002b:00007f4751126000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 94.112411][ T6542] RAX: ffffffffffffffda RBX: 00007f47505a5fa0 RCX: 00007f475038bc1f
[ 94.112417][ T6542] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 94.112424][ T6542] RBP: 00007f475040e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 94.112429][ T6542] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 94.112435][ T6542] R13: 0000000000000000 R14: 00007f47505a5fa0 R15: 00007ffe596f8698
[ 94.112448][ T6542]
[ 94.112452][ T6542] Disabling lock debugging due to kernel taint
[ 94.191705][ T6542] BUG: Bad page state in process syz.0.16 pfn:38d20
[ 94.193774][ T6542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x38d20
[ 94.196892][ T6542] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 94.199046][ T6542] raw: 00fff00000000000 dead000000000040 ffff888021b9b000 0000000000000000
[ 94.201677][ T6542] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 94.204329][ T6542] page dumped because: page_pool leak
[ 94.206027][ T6542] page_owner tracks the page as allocated
[ 94.207776][ T6542] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6542, tgid 6541 (syz.0.16), ts 93988512960, free_ts 93617257344
[ 94.212793][ T6542] post_alloc_hook+0x1c0/0x230
[ 94.214309][ T6542] get_page_from_freelist+0x1321/0x3890
[ 94.216096][ T6542] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 94.217953][ T6542] alloc_pages_bulk_noprof+0x71c/0x1410
[ 94.219671][ T6542] __page_pool_alloc_pages_slow+0x193/0xc30
[ 94.221515][ T6542] page_pool_alloc_netmems+0xc4/0x190
[ 94.223188][ T6542] skb_pp_cow_data+0x7c0/0xff0
[ 94.224699][ T6542] skb_cow_data_for_xdp+0x88/0xb0
[ 94.226354][ T6542] do_xdp_generic+0x530/0x1320
[ 94.227864][ T6542] tun_get_user+0x1bc6/0x3b80
[ 94.229386][ T6542] tun_chr_write_iter+0xdc/0x210
[ 94.230961][ T6542] vfs_write+0x6c4/0x1150
[ 94.232319][ T6542] ksys_write+0x12a/0x250
[ 94.233689][ T6542] do_syscall_64+0xcd/0x4c0
[ 94.235177][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.237013][ T6542] page last free pid 28 tgid 28 stack trace:
[ 94.238857][ T6542] __free_frozen_pages+0x7fe/0x1180
[ 94.240471][ T6542] tlb_remove_table_rcu+0x116/0x1a0
[ 94.242086][ T6542] rcu_core+0x799/0x14e0
[ 94.243422][ T6542] handle_softirqs+0x219/0x8e0
[ 94.244917][ T6542] run_ksoftirqd+0x3a/0x60
[ 94.246350][ T6542] smpboot_thread_fn+0x3f7/0xae0
[ 94.247877][ T6542] kthread+0x3c5/0x780
[ 94.249156][ T6542] ret_from_fork+0x5d4/0x6f0
[ 94.250617][ T6542] ret_from_fork_asm+0x1a/0x30
[ 94.252100][ T6542] Modules linked in:
[ 94.253332][ T6542] CPU: 1 UID: 0 PID: 6542 Comm: syz.0.16 Tainted: G B 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(full)
[ 94.253349][ T6542] Tainted: [B]=BAD_PAGE
[ 94.253352][ T6542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 94.253359][ T6542] Call Trace:
[ 94.253363][ T6542]
[ 94.253367][ T6542] dump_stack_lvl+0x16c/0x1f0
[ 94.253385][ T6542] bad_page+0xcf/0x220
[ 94.253396][ T6542] ? __pfx_bad_page+0x10/0x10
[ 94.253406][ T6542] ? page_bad_reason+0x9d/0x1f0
[ 94.253416][ T6542] __free_frozen_pages+0x824/0x1180
[ 94.253431][ T6542] ? mark_held_locks+0x49/0x80
[ 94.253440][ T6542] page_frag_free+0x27f/0x2e0
[ 94.253451][ T6542] __xdp_return+0x38e/0xa90
[ 94.253464][ T6542] ? kmem_cache_free+0x2d1/0x4d0
[ 94.253479][ T6542] bpf_xdp_adjust_tail+0xa11/0xfd0
[ 94.253495][ T6542] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 94.253504][ T6542] bpf_prog_run_generic_xdp+0x626/0x1530
[ 94.253522][ T6542] do_xdp_generic+0x8e6/0x1320
[ 94.253537][ T6542] ? __pfx_do_xdp_generic+0x10/0x10
[ 94.253553][ T6542] ? virtio_net_hdr_to_skb+0x57c/0x1410
[ 94.253568][ T6542] tun_get_user+0x1bc6/0x3b80
[ 94.253582][ T6542] ? __pfx_tun_get_user+0x10/0x10
[ 94.253592][ T6542] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 94.253604][ T6542] ? find_held_lock+0x2b/0x80
[ 94.253617][ T6542] ? tun_get+0x191/0x370
[ 94.253628][ T6542] tun_chr_write_iter+0xdc/0x210
[ 94.253639][ T6542] vfs_write+0x6c4/0x1150
[ 94.253655][ T6542] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 94.253667][ T6542] ? __pfx_vfs_write+0x10/0x10
[ 94.253681][ T6542] ? find_held_lock+0x2b/0x80
[ 94.253696][ T6542] ksys_write+0x12a/0x250
[ 94.253711][ T6542] ? __pfx_ksys_write+0x10/0x10
[ 94.253728][ T6542] do_syscall_64+0xcd/0x4c0
[ 94.253738][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.253750][ T6542] RIP: 0033:0x7f475038bc1f
[ 94.253758][ T6542] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 94.253768][ T6542] RSP: 002b:00007f4751126000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 94.253777][ T6542] RAX: ffffffffffffffda RBX: 00007f47505a5fa0 RCX: 00007f475038bc1f
[ 94.253784][ T6542] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 94.253790][ T6542] RBP: 00007f475040e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 94.253796][ T6542] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 94.253802][ T6542] R13: 0000000000000000 R14: 00007f47505a5fa0 R15: 00007ffe596f8698
[ 94.253812][ T6542]
[ 94.253818][ T6542] BUG: Bad page state in process syz.0.16 pfn:2b478
[ 94.334261][ T6542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802b478000 pfn:0x2b478
[ 94.337433][ T6542] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 94.339605][ T6542] raw: 00fff00000000000 dead000000000040 ffff888021b9b000 0000000000000000
[ 94.342230][ T6542] raw: ffff88802b478000 0000000000000001 00000000ffffffff 0000000000000000
[ 94.344921][ T6542] page dumped because: page_pool leak
[ 94.346687][ T6542] page_owner tracks the page as allocated
[ 94.348448][ T6542] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6542, tgid 6541 (syz.0.16), ts 93988506607, free_ts 93617267255
[ 94.353514][ T6542] post_alloc_hook+0x1c0/0x230
[ 94.355100][ T6542] get_page_from_freelist+0x1321/0x3890
[ 94.356818][ T6542] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 94.359108][ T6542] alloc_pages_bulk_noprof+0x71c/0x1410
[ 94.361306][ T6542] __page_pool_alloc_pages_slow+0x193/0xc30
[ 94.363527][ T6542] page_pool_alloc_netmems+0xc4/0x190
[ 94.365603][ T6542] skb_pp_cow_data+0x7c0/0xff0
[ 94.367532][ T6542] skb_cow_data_for_xdp+0x88/0xb0
[ 94.369534][ T6542] do_xdp_generic+0x530/0x1320
[ 94.371476][ T6542] tun_get_user+0x1bc6/0x3b80
[ 94.373343][ T6542] tun_chr_write_iter+0xdc/0x210
[ 94.375361][ T6542] vfs_write+0x6c4/0x1150
[ 94.377080][ T6542] ksys_write+0x12a/0x250
[ 94.378756][ T6542] do_syscall_64+0xcd/0x4c0
[ 94.380474][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.382745][ T6542] page last free pid 28 tgid 28 stack trace:
[ 94.384760][ T6542] __free_frozen_pages+0x7fe/0x1180
[ 94.386473][ T6542] rcu_core+0x799/0x14e0
[ 94.387800][ T6542] handle_softirqs+0x219/0x8e0
[ 94.389322][ T6542] run_ksoftirqd+0x3a/0x60
[ 94.390736][ T6542] smpboot_thread_fn+0x3f7/0xae0
[ 94.392283][ T6542] kthread+0x3c5/0x780
[ 94.393614][ T6542] ret_from_fork+0x5d4/0x6f0
[ 94.395142][ T6542] ret_from_fork_asm+0x1a/0x30
[ 94.396658][ T6542] Modules linked in:
[ 94.397909][ T6542] CPU: 1 UID: 0 PID: 6542 Comm: syz.0.16 Tainted: G B 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(full)
[ 94.397926][ T6542] Tainted: [B]=BAD_PAGE
[ 94.397930][ T6542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 94.397936][ T6542] Call Trace:
[ 94.397940][ T6542]
[ 94.397944][ T6542] dump_stack_lvl+0x16c/0x1f0
[ 94.397963][ T6542] bad_page+0xcf/0x220
[ 94.397974][ T6542] ? __pfx_bad_page+0x10/0x10
[ 94.397984][ T6542] ? page_bad_reason+0x9d/0x1f0
[ 94.397994][ T6542] __free_frozen_pages+0x824/0x1180
[ 94.398009][ T6542] ? mark_held_locks+0x49/0x80
[ 94.398019][ T6542] page_frag_free+0x27f/0x2e0
[ 94.398029][ T6542] __xdp_return+0x38e/0xa90
[ 94.398041][ T6542] ? kmem_cache_free+0x2d1/0x4d0
[ 94.398057][ T6542] bpf_xdp_adjust_tail+0xa11/0xfd0
[ 94.398072][ T6542] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 94.398081][ T6542] bpf_prog_run_generic_xdp+0x626/0x1530
[ 94.398099][ T6542] do_xdp_generic+0x8e6/0x1320
[ 94.398114][ T6542] ? __pfx_do_xdp_generic+0x10/0x10
[ 94.398130][ T6542] ? virtio_net_hdr_to_skb+0x57c/0x1410
[ 94.398145][ T6542] tun_get_user+0x1bc6/0x3b80
[ 94.398158][ T6542] ? __pfx_tun_get_user+0x10/0x10
[ 94.398172][ T6542] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 94.398190][ T6542] ? find_held_lock+0x2b/0x80
[ 94.398208][ T6542] ? tun_get+0x191/0x370
[ 94.398225][ T6542] tun_chr_write_iter+0xdc/0x210
[ 94.398243][ T6542] vfs_write+0x6c4/0x1150
[ 94.398265][ T6542] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 94.398279][ T6542] ? __pfx_vfs_write+0x10/0x10
[ 94.398300][ T6542] ? find_held_lock+0x2b/0x80
[ 94.398327][ T6542] ksys_write+0x12a/0x250
[ 94.398348][ T6542] ? __pfx_ksys_write+0x10/0x10
[ 94.398374][ T6542] do_syscall_64+0xcd/0x4c0
[ 94.398390][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.398406][ T6542] RIP: 0033:0x7f475038bc1f
[ 94.398416][ T6542] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 94.398426][ T6542] RSP: 002b:00007f4751126000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 94.398437][ T6542] RAX: ffffffffffffffda RBX: 00007f47505a5fa0 RCX: 00007f475038bc1f
[ 94.398444][ T6542] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 94.398450][ T6542] RBP: 00007f475040e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 94.398456][ T6542] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 94.398462][ T6542] R13: 0000000000000000 R14: 00007f47505a5fa0 R15: 00007ffe596f8698
[ 94.398471][ T6542]
[ 94.398478][ T6542] BUG: Bad page state in process syz.0.16 pfn:2c1fc
[ 94.486530][ T6542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x2c1fc
[ 94.489601][ T6542] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 94.491713][ T6542] raw: 00fff00000000000 dead000000000040 ffff888021b9b000 0000000000000000
[ 94.494323][ T6542] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 94.496935][ T6542] page dumped because: page_pool leak
[ 94.498605][ T6542] page_owner tracks the page as allocated
[ 94.500298][ T6542] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6542, tgid 6541 (syz.0.16), ts 93988500030, free_ts 93618986355
[ 94.505239][ T6542] post_alloc_hook+0x1c0/0x230
[ 94.506700][ T6542] get_page_from_freelist+0x1321/0x3890
[ 94.508405][ T6542] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 94.510204][ T6542] alloc_pages_bulk_noprof+0x71c/0x1410
[ 94.511901][ T6542] __page_pool_alloc_pages_slow+0x193/0xc30
[ 94.513716][ T6542] page_pool_alloc_netmems+0xc4/0x190
[ 94.515411][ T6542] skb_pp_cow_data+0x7c0/0xff0
[ 94.516871][ T6542] skb_cow_data_for_xdp+0x88/0xb0
[ 94.518491][ T6542] do_xdp_generic+0x530/0x1320
[ 94.520046][ T6542] tun_get_user+0x1bc6/0x3b80
[ 94.521449][ T6542] tun_chr_write_iter+0xdc/0x210
[ 94.523016][ T6542] vfs_write+0x6c4/0x1150
[ 94.524337][ T6542] ksys_write+0x12a/0x250
[ 94.525706][ T6542] do_syscall_64+0xcd/0x4c0
[ 94.527066][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.529107][ T6542] page last free pid 28 tgid 28 stack trace:
[ 94.530923][ T6542] __free_frozen_pages+0x7fe/0x1180
[ 94.532497][ T6542] tlb_remove_table_rcu+0x116/0x1a0
[ 94.534169][ T6542] rcu_core+0x799/0x14e0
[ 94.535509][ T6542] handle_softirqs+0x219/0x8e0
[ 94.536928][ T6542] run_ksoftirqd+0x3a/0x60
[ 94.538311][ T6542] smpboot_thread_fn+0x3f7/0xae0
[ 94.539808][ T6542] kthread+0x3c5/0x780
[ 94.541085][ T6542] ret_from_fork+0x5d4/0x6f0
[ 94.542516][ T6542] ret_from_fork_asm+0x1a/0x30
[ 94.543991][ T6542] Modules linked in:
[ 94.545308][ T6542] CPU: 1 UID: 0 PID: 6542 Comm: syz.0.16 Tainted: G B 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(full)
[ 94.545325][ T6542] Tainted: [B]=BAD_PAGE
[ 94.545328][ T6542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 94.545335][ T6542] Call Trace:
[ 94.545339][ T6542]
[ 94.545343][ T6542] dump_stack_lvl+0x16c/0x1f0
[ 94.545362][ T6542] bad_page+0xcf/0x220
[ 94.545373][ T6542] ? __pfx_bad_page+0x10/0x10
[ 94.545384][ T6542] ? page_bad_reason+0x9d/0x1f0
[ 94.545394][ T6542] __free_frozen_pages+0x824/0x1180
[ 94.545409][ T6542] ? mark_held_locks+0x49/0x80
[ 94.545419][ T6542] page_frag_free+0x27f/0x2e0
[ 94.545429][ T6542] __xdp_return+0x38e/0xa90
[ 94.545442][ T6542] ? kmem_cache_free+0x2d1/0x4d0
[ 94.545458][ T6542] bpf_xdp_adjust_tail+0xa11/0xfd0
[ 94.545473][ T6542] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 94.545482][ T6542] bpf_prog_run_generic_xdp+0x626/0x1530
[ 94.545501][ T6542] do_xdp_generic+0x8e6/0x1320
[ 94.545517][ T6542] ? __pfx_do_xdp_generic+0x10/0x10
[ 94.545533][ T6542] ? virtio_net_hdr_to_skb+0x57c/0x1410
[ 94.545548][ T6542] tun_get_user+0x1bc6/0x3b80
[ 94.545561][ T6542] ? __pfx_tun_get_user+0x10/0x10
[ 94.545571][ T6542] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 94.545583][ T6542] ? find_held_lock+0x2b/0x80
[ 94.545596][ T6542] ? tun_get+0x191/0x370
[ 94.545606][ T6542] tun_chr_write_iter+0xdc/0x210
[ 94.545618][ T6542] vfs_write+0x6c4/0x1150
[ 94.545633][ T6542] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 94.545645][ T6542] ? __pfx_vfs_write+0x10/0x10
[ 94.545659][ T6542] ? find_held_lock+0x2b/0x80
[ 94.545675][ T6542] ksys_write+0x12a/0x250
[ 94.545689][ T6542] ? __pfx_ksys_write+0x10/0x10
[ 94.545706][ T6542] do_syscall_64+0xcd/0x4c0
[ 94.545716][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.545727][ T6542] RIP: 0033:0x7f475038bc1f
[ 94.545735][ T6542] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 94.545746][ T6542] RSP: 002b:00007f4751126000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 94.545755][ T6542] RAX: ffffffffffffffda RBX: 00007f47505a5fa0 RCX: 00007f475038bc1f
[ 94.545762][ T6542] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 94.545768][ T6542] RBP: 00007f475040e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 94.545774][ T6542] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 94.545780][ T6542] R13: 0000000000000000 R14: 00007f47505a5fa0 R15: 00007ffe596f8698
[ 94.545789][ T6542]
[ 94.545796][ T6542] BUG: Bad page state in process syz.0.16 pfn:2cba0
[ 94.623797][ T6542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2cba0
[ 94.626512][ T6542] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 94.628640][ T6542] raw: 00fff00000000000 dead000000000040 ffff888021b9b000 0000000000000000
[ 94.631258][ T6542] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 94.633799][ T6542] page dumped because: page_pool leak
[ 94.635506][ T6542] page_owner tracks the page as allocated
[ 94.637230][ T6542] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6542, tgid 6541 (syz.0.16), ts 93988493688, free_ts 93619003130
[ 94.642256][ T6542] post_alloc_hook+0x1c0/0x230
[ 94.643752][ T6542] get_page_from_freelist+0x1321/0x3890
[ 94.645535][ T6542] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 94.647362][ T6542] alloc_pages_bulk_noprof+0x71c/0x1410
[ 94.649040][ T6542] __page_pool_alloc_pages_slow+0x193/0xc30
[ 94.650949][ T6542] page_pool_alloc_netmems+0xc4/0x190
[ 94.652554][ T6542] skb_pp_cow_data+0x7c0/0xff0
[ 94.654014][ T6542] skb_cow_data_for_xdp+0x88/0xb0
[ 94.655619][ T6542] do_xdp_generic+0x530/0x1320
[ 94.657092][ T6542] tun_get_user+0x1bc6/0x3b80
[ 94.658516][ T6542] tun_chr_write_iter+0xdc/0x210
[ 94.660006][ T6542] vfs_write+0x6c4/0x1150
[ 94.661322][ T6542] ksys_write+0x12a/0x250
[ 94.662590][ T6542] do_syscall_64+0xcd/0x4c0
[ 94.663974][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.665782][ T6542] page last free pid 28 tgid 28 stack trace:
[ 94.667515][ T6542] __free_frozen_pages+0x7fe/0x1180
[ 94.669078][ T6542] tlb_remove_table_rcu+0x116/0x1a0
[ 94.670658][ T6542] rcu_core+0x799/0x14e0
[ 94.671915][ T6542] handle_softirqs+0x219/0x8e0
[ 94.673379][ T6542] run_ksoftirqd+0x3a/0x60
[ 94.674709][ T6542] smpboot_thread_fn+0x3f7/0xae0
[ 94.676276][ T6542] kthread+0x3c5/0x780
[ 94.677624][ T6542] ret_from_fork+0x5d4/0x6f0
[ 94.679403][ T6542] ret_from_fork_asm+0x1a/0x30
[ 94.681293][ T6542] Modules linked in:
[ 94.682863][ T6542] CPU: 1 UID: 0 PID: 6542 Comm: syz.0.16 Tainted: G B 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(full)
[ 94.682887][ T6542] Tainted: [B]=BAD_PAGE
[ 94.682892][ T6542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 94.682902][ T6542] Call Trace:
[ 94.682908][ T6542]
[ 94.682914][ T6542] dump_stack_lvl+0x16c/0x1f0
[ 94.682943][ T6542] bad_page+0xcf/0x220
[ 94.682959][ T6542] ? __pfx_bad_page+0x10/0x10
[ 94.682976][ T6542] ? page_bad_reason+0x9d/0x1f0
[ 94.682993][ T6542] __free_frozen_pages+0x824/0x1180
[ 94.683017][ T6542] ? mark_held_locks+0x49/0x80
[ 94.683033][ T6542] page_frag_free+0x27f/0x2e0
[ 94.683050][ T6542] __xdp_return+0x38e/0xa90
[ 94.683070][ T6542] ? kmem_cache_free+0x2d1/0x4d0
[ 94.683096][ T6542] bpf_xdp_adjust_tail+0xa11/0xfd0
[ 94.683121][ T6542] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 94.683135][ T6542] bpf_prog_run_generic_xdp+0x626/0x1530
[ 94.683162][ T6542] do_xdp_generic+0x8e6/0x1320
[ 94.683185][ T6542] ? __pfx_do_xdp_generic+0x10/0x10
[ 94.683210][ T6542] ? virtio_net_hdr_to_skb+0x57c/0x1410
[ 94.683235][ T6542] tun_get_user+0x1bc6/0x3b80
[ 94.683262][ T6542] ? __pfx_tun_get_user+0x10/0x10
[ 94.683278][ T6542] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 94.683297][ T6542] ? find_held_lock+0x2b/0x80
[ 94.683317][ T6542] ? tun_get+0x191/0x370
[ 94.683334][ T6542] tun_chr_write_iter+0xdc/0x210
[ 94.683353][ T6542] vfs_write+0x6c4/0x1150
[ 94.683379][ T6542] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 94.683398][ T6542] ? __pfx_vfs_write+0x10/0x10
[ 94.683420][ T6542] ? find_held_lock+0x2b/0x80
[ 94.683447][ T6542] ksys_write+0x12a/0x250
[ 94.683470][ T6542] ? __pfx_ksys_write+0x10/0x10
[ 94.683497][ T6542] do_syscall_64+0xcd/0x4c0
[ 94.683514][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.683531][ T6542] RIP: 0033:0x7f475038bc1f
[ 94.683544][ T6542] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 94.683560][ T6542] RSP: 002b:00007f4751126000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 94.683576][ T6542] RAX: ffffffffffffffda RBX: 00007f47505a5fa0 RCX: 00007f475038bc1f
[ 94.683587][ T6542] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 94.683597][ T6542] RBP: 00007f475040e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 94.683607][ T6542] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 94.683616][ T6542] R13: 0000000000000000 R14: 00007f47505a5fa0 R15: 00007ffe596f8698
[ 94.683632][ T6542]
[ 94.683642][ T6542] BUG: Bad page state in process syz.0.16 pfn:2a065
[ 94.777026][ T6542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888034e9b200 pfn:0x2a065
[ 94.780701][ T6542] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 94.783303][ T6542] raw: 00fff00000000000 dead000000000040 ffff888021b9b000 0000000000000000
[ 94.785961][ T6542] raw: ffff888034e9b200 0000000000000001 00000000ffffffff 0000000000000000
[ 94.788506][ T6542] page dumped because: page_pool leak
[ 94.790153][ T6542] page_owner tracks the page as allocated
[ 94.791838][ T6542] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6542, tgid 6541 (syz.0.16), ts 93988486981, free_ts 93619018801
[ 94.796664][ T6542] post_alloc_hook+0x1c0/0x230
[ 94.798283][ T6542] get_page_from_freelist+0x1321/0x3890
[ 94.800005][ T6542] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 94.801771][ T6542] alloc_pages_bulk_noprof+0x71c/0x1410
[ 94.803424][ T6542] __page_pool_alloc_pages_slow+0x193/0xc30
[ 94.805539][ T6542] page_pool_alloc_netmems+0xc4/0x190
[ 94.807764][ T6542] skb_pp_cow_data+0x7c0/0xff0
[ 94.809786][ T6542] skb_cow_data_for_xdp+0x88/0xb0
[ 94.811826][ T6542] do_xdp_generic+0x530/0x1320
[ 94.813801][ T6542] tun_get_user+0x1bc6/0x3b80
[ 94.815762][ T6542] tun_chr_write_iter+0xdc/0x210
[ 94.817820][ T6542] vfs_write+0x6c4/0x1150
[ 94.819598][ T6542] ksys_write+0x12a/0x250
[ 94.821404][ T6542] do_syscall_64+0xcd/0x4c0
[ 94.823286][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.825697][ T6542] page last free pid 28 tgid 28 stack trace:
[ 94.828050][ T6542] __free_frozen_pages+0x7fe/0x1180
[ 94.830133][ T6542] tlb_remove_table_rcu+0x116/0x1a0
[ 94.832223][ T6542] rcu_core+0x799/0x14e0
[ 94.834001][ T6542] handle_softirqs+0x219/0x8e0
[ 94.836028][ T6542] run_ksoftirqd+0x3a/0x60
[ 94.837439][ T6542] smpboot_thread_fn+0x3f7/0xae0
[ 94.839002][ T6542] kthread+0x3c5/0x780
[ 94.840604][ T6542] ret_from_fork+0x5d4/0x6f0
[ 94.842525][ T6542] ret_from_fork_asm+0x1a/0x30
[ 94.844453][ T6542] Modules linked in:
[ 94.846146][ T6542] CPU: 1 UID: 0 PID: 6542 Comm: syz.0.16 Tainted: G B 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(full)
[ 94.846172][ T6542] Tainted: [B]=BAD_PAGE
[ 94.846178][ T6542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 94.846188][ T6542] Call Trace:
[ 94.846195][ T6542]
[ 94.846201][ T6542] dump_stack_lvl+0x16c/0x1f0
[ 94.846230][ T6542] bad_page+0xcf/0x220
[ 94.846254][ T6542] ? __pfx_bad_page+0x10/0x10
[ 94.846271][ T6542] ? page_bad_reason+0x9d/0x1f0
[ 94.846288][ T6542] __free_frozen_pages+0x824/0x1180
[ 94.846313][ T6542] ? mark_held_locks+0x49/0x80
[ 94.846329][ T6542] page_frag_free+0x27f/0x2e0
[ 94.846346][ T6542] __xdp_return+0x38e/0xa90
[ 94.846365][ T6542] ? kmem_cache_free+0x2d1/0x4d0
[ 94.846390][ T6542] bpf_xdp_adjust_tail+0xa11/0xfd0
[ 94.846416][ T6542] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 94.846430][ T6542] bpf_prog_run_generic_xdp+0x626/0x1530
[ 94.846460][ T6542] do_xdp_generic+0x8e6/0x1320
[ 94.846484][ T6542] ? __pfx_do_xdp_generic+0x10/0x10
[ 94.846508][ T6542] ? virtio_net_hdr_to_skb+0x57c/0x1410
[ 94.846532][ T6542] tun_get_user+0x1bc6/0x3b80
[ 94.846552][ T6542] ? __pfx_tun_get_user+0x10/0x10
[ 94.846569][ T6542] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 94.846588][ T6542] ? find_held_lock+0x2b/0x80
[ 94.846609][ T6542] ? tun_get+0x191/0x370
[ 94.846626][ T6542] tun_chr_write_iter+0xdc/0x210
[ 94.846644][ T6542] vfs_write+0x6c4/0x1150
[ 94.846669][ T6542] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 94.846688][ T6542] ? __pfx_vfs_write+0x10/0x10
[ 94.846710][ T6542] ? find_held_lock+0x2b/0x80
[ 94.846737][ T6542] ksys_write+0x12a/0x250
[ 94.846760][ T6542] ? __pfx_ksys_write+0x10/0x10
[ 94.846787][ T6542] do_syscall_64+0xcd/0x4c0
[ 94.846804][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.846821][ T6542] RIP: 0033:0x7f475038bc1f
[ 94.846835][ T6542] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 94.846850][ T6542] RSP: 002b:00007f4751126000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 94.846866][ T6542] RAX: ffffffffffffffda RBX: 00007f47505a5fa0 RCX: 00007f475038bc1f
[ 94.846877][ T6542] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 94.846887][ T6542] RBP: 00007f475040e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 94.846897][ T6542] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 94.846906][ T6542] R13: 0000000000000000 R14: 00007f47505a5fa0 R15: 00007ffe596f8698
[ 94.846922][ T6542]
[ 94.846932][ T6542] BUG: Bad page state in process syz.0.16 pfn:2fa9e
[ 94.934354][ T6542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x2fa9e
[ 94.937634][ T6542] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 94.939818][ T6542] raw: 00fff00000000000 dead000000000040 ffff888021b9b000 0000000000000000
[ 94.942463][ T6542] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 94.945149][ T6542] page dumped because: page_pool leak
[ 94.946792][ T6542] page_owner tracks the page as allocated
[ 94.948820][ T6542] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6542, tgid 6541 (syz.0.16), ts 93988480193, free_ts 93619036860
[ 94.953844][ T6542] post_alloc_hook+0x1c0/0x230
[ 94.955364][ T6542] get_page_from_freelist+0x1321/0x3890
[ 94.957051][ T6542] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 94.958881][ T6542] alloc_pages_bulk_noprof+0x71c/0x1410
[ 94.960642][ T6542] __page_pool_alloc_pages_slow+0x193/0xc30
[ 94.962466][ T6542] page_pool_alloc_netmems+0xc4/0x190
[ 94.964102][ T6542] skb_pp_cow_data+0x7c0/0xff0
[ 94.965644][ T6542] skb_cow_data_for_xdp+0x88/0xb0
[ 94.967190][ T6542] do_xdp_generic+0x530/0x1320
[ 94.968701][ T6542] tun_get_user+0x1bc6/0x3b80
[ 94.970189][ T6542] tun_chr_write_iter+0xdc/0x210
[ 94.971679][ T6542] vfs_write+0x6c4/0x1150
[ 94.973025][ T6542] ksys_write+0x12a/0x250
[ 94.974348][ T6542] do_syscall_64+0xcd/0x4c0
[ 94.975801][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.977644][ T6542] page last free pid 28 tgid 28 stack trace:
[ 94.979892][ T6542] __free_frozen_pages+0x7fe/0x1180
[ 94.981475][ T6542] tlb_remove_table_rcu+0x116/0x1a0
[ 94.983077][ T6542] rcu_core+0x799/0x14e0
[ 94.984383][ T6542] handle_softirqs+0x219/0x8e0
[ 94.985904][ T6542] run_ksoftirqd+0x3a/0x60
[ 94.987256][ T6542] smpboot_thread_fn+0x3f7/0xae0
[ 94.988917][ T6542] kthread+0x3c5/0x780
[ 94.990558][ T6542] ret_from_fork+0x5d4/0x6f0
[ 94.992161][ T6542] ret_from_fork_asm+0x1a/0x30
[ 94.993671][ T6542] Modules linked in:
[ 94.994871][ T6542] CPU: 1 UID: 0 PID: 6542 Comm: syz.0.16 Tainted: G B 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(full)
[ 94.994888][ T6542] Tainted: [B]=BAD_PAGE
[ 94.994892][ T6542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 94.994898][ T6542] Call Trace:
[ 94.994902][ T6542]
[ 94.994906][ T6542] dump_stack_lvl+0x16c/0x1f0
[ 94.994925][ T6542] bad_page+0xcf/0x220
[ 94.994935][ T6542] ? __pfx_bad_page+0x10/0x10
[ 94.994945][ T6542] ? page_bad_reason+0x9d/0x1f0
[ 94.994956][ T6542] __free_frozen_pages+0x824/0x1180
[ 94.994970][ T6542] ? mark_held_locks+0x49/0x80
[ 94.994993][ T6542] page_frag_free+0x27f/0x2e0
[ 94.995004][ T6542] __xdp_return+0x38e/0xa90
[ 94.995017][ T6542] ? kmem_cache_free+0x2d1/0x4d0
[ 94.995032][ T6542] bpf_xdp_adjust_tail+0xa11/0xfd0
[ 94.995048][ T6542] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 94.995056][ T6542] bpf_prog_run_generic_xdp+0x626/0x1530
[ 94.995075][ T6542] do_xdp_generic+0x8e6/0x1320
[ 94.995090][ T6542] ? __pfx_do_xdp_generic+0x10/0x10
[ 94.995106][ T6542] ? virtio_net_hdr_to_skb+0x57c/0x1410
[ 94.995121][ T6542] tun_get_user+0x1bc6/0x3b80
[ 94.995134][ T6542] ? __pfx_tun_get_user+0x10/0x10
[ 94.995144][ T6542] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 94.995157][ T6542] ? find_held_lock+0x2b/0x80
[ 94.995170][ T6542] ? tun_get+0x191/0x370
[ 94.995180][ T6542] tun_chr_write_iter+0xdc/0x210
[ 94.995192][ T6542] vfs_write+0x6c4/0x1150
[ 94.995207][ T6542] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 94.995219][ T6542] ? __pfx_vfs_write+0x10/0x10
[ 94.995233][ T6542] ? find_held_lock+0x2b/0x80
[ 94.995260][ T6542] ksys_write+0x12a/0x250
[ 94.995284][ T6542] ? __pfx_ksys_write+0x10/0x10
[ 94.995311][ T6542] do_syscall_64+0xcd/0x4c0
[ 94.995330][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 94.995344][ T6542] RIP: 0033:0x7f475038bc1f
[ 94.995353][ T6542] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 94.995364][ T6542] RSP: 002b:00007f4751126000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 94.995374][ T6542] RAX: ffffffffffffffda RBX: 00007f47505a5fa0 RCX: 00007f475038bc1f
[ 94.995381][ T6542] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 94.995387][ T6542] RBP: 00007f475040e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 94.995393][ T6542] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 94.995399][ T6542] R13: 0000000000000000 R14: 00007f47505a5fa0 R15: 00007ffe596f8698
[ 94.995408][ T6542]
[ 95.072426][ T6542] BUG: Bad page state in process syz.0.16 pfn:276c4
[ 95.074466][ T6542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x276c4
[ 95.077147][ T6542] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 95.079301][ T6542] raw: 00fff00000000000 dead000000000040 ffff888021b9b000 0000000000000000
[ 95.081860][ T6542] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 95.084400][ T6542] page dumped because: page_pool leak
[ 95.086076][ T6542] page_owner tracks the page as allocated
[ 95.087769][ T6542] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6542, tgid 6541 (syz.0.16), ts 93988473577, free_ts 93619046740
[ 95.093041][ T6542] post_alloc_hook+0x1c0/0x230
[ 95.094561][ T6542] get_page_from_freelist+0x1321/0x3890
[ 95.096322][ T6542] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 95.098126][ T6542] alloc_pages_bulk_noprof+0x71c/0x1410
[ 95.099861][ T6542] __page_pool_alloc_pages_slow+0x193/0xc30
[ 95.101685][ T6542] page_pool_alloc_netmems+0xc4/0x190
[ 95.103328][ T6542] skb_pp_cow_data+0x7c0/0xff0
[ 95.104825][ T6542] skb_cow_data_for_xdp+0x88/0xb0
[ 95.106571][ T6542] do_xdp_generic+0x530/0x1320
[ 95.108071][ T6542] tun_get_user+0x1bc6/0x3b80
[ 95.109552][ T6542] tun_chr_write_iter+0xdc/0x210
[ 95.111120][ T6542] vfs_write+0x6c4/0x1150
[ 95.112483][ T6542] ksys_write+0x12a/0x250
[ 95.113851][ T6542] do_syscall_64+0xcd/0x4c0
[ 95.115232][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.116888][ T6542] page last free pid 28 tgid 28 stack trace:
[ 95.118872][ T6542] __free_frozen_pages+0x7fe/0x1180
[ 95.120483][ T6542] tlb_remove_table_rcu+0x116/0x1a0
[ 95.122162][ T6542] rcu_core+0x799/0x14e0
[ 95.123481][ T6542] handle_softirqs+0x219/0x8e0
[ 95.124949][ T6542] run_ksoftirqd+0x3a/0x60
[ 95.126430][ T6542] smpboot_thread_fn+0x3f7/0xae0
[ 95.128029][ T6542] kthread+0x3c5/0x780
[ 95.129446][ T6542] ret_from_fork+0x5d4/0x6f0
[ 95.130873][ T6542] ret_from_fork_asm+0x1a/0x30
[ 95.132186][ T6542] Modules linked in:
[ 95.133328][ T6542] CPU: 1 UID: 0 PID: 6542 Comm: syz.0.16 Tainted: G B 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(full)
[ 95.133344][ T6542] Tainted: [B]=BAD_PAGE
[ 95.133348][ T6542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 95.133355][ T6542] Call Trace:
[ 95.133359][ T6542]
[ 95.133363][ T6542] dump_stack_lvl+0x16c/0x1f0
[ 95.133382][ T6542] bad_page+0xcf/0x220
[ 95.133393][ T6542] ? __pfx_bad_page+0x10/0x10
[ 95.133403][ T6542] ? page_bad_reason+0x9d/0x1f0
[ 95.133413][ T6542] __free_frozen_pages+0x824/0x1180
[ 95.133428][ T6542] ? mark_held_locks+0x49/0x80
[ 95.133438][ T6542] page_frag_free+0x27f/0x2e0
[ 95.133448][ T6542] __xdp_return+0x38e/0xa90
[ 95.133461][ T6542] ? kmem_cache_free+0x2d1/0x4d0
[ 95.133476][ T6542] bpf_xdp_adjust_tail+0xa11/0xfd0
[ 95.133492][ T6542] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 95.133501][ T6542] bpf_prog_run_generic_xdp+0x626/0x1530
[ 95.133519][ T6542] do_xdp_generic+0x8e6/0x1320
[ 95.133534][ T6542] ? __pfx_do_xdp_generic+0x10/0x10
[ 95.133550][ T6542] ? virtio_net_hdr_to_skb+0x57c/0x1410
[ 95.133565][ T6542] tun_get_user+0x1bc6/0x3b80
[ 95.133578][ T6542] ? __pfx_tun_get_user+0x10/0x10
[ 95.133589][ T6542] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 95.133602][ T6542] ? find_held_lock+0x2b/0x80
[ 95.133615][ T6542] ? tun_get+0x191/0x370
[ 95.133625][ T6542] tun_chr_write_iter+0xdc/0x210
[ 95.133636][ T6542] vfs_write+0x6c4/0x1150
[ 95.133652][ T6542] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 95.133663][ T6542] ? __pfx_vfs_write+0x10/0x10
[ 95.133677][ T6542] ? find_held_lock+0x2b/0x80
[ 95.133693][ T6542] ksys_write+0x12a/0x250
[ 95.133708][ T6542] ? __pfx_ksys_write+0x10/0x10
[ 95.133725][ T6542] do_syscall_64+0xcd/0x4c0
[ 95.133735][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.133746][ T6542] RIP: 0033:0x7f475038bc1f
[ 95.133755][ T6542] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 95.133765][ T6542] RSP: 002b:00007f4751126000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 95.133774][ T6542] RAX: ffffffffffffffda RBX: 00007f47505a5fa0 RCX: 00007f475038bc1f
[ 95.133781][ T6542] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 95.133787][ T6542] RBP: 00007f475040e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 95.133793][ T6542] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 95.133799][ T6542] R13: 0000000000000000 R14: 00007f47505a5fa0 R15: 00007ffe596f8698
[ 95.133808][ T6542]
[ 95.133815][ T6542] BUG: Bad page state in process syz.0.16 pfn:4472c
[ 95.212986][ T6542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88804472ce10 pfn:0x4472c
[ 95.216085][ T6542] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 95.218280][ T6542] raw: 00fff00000000000 dead000000000040 ffff888021b9b000 0000000000000000
[ 95.220832][ T6542] raw: ffff88804472ce10 0000000000000001 00000000ffffffff 0000000000000000
[ 95.223389][ T6542] page dumped because: page_pool leak
[ 95.224965][ T6542] page_owner tracks the page as allocated
[ 95.226690][ T6542] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6542, tgid 6541 (syz.0.16), ts 93988467006, free_ts 93619063907
[ 95.231553][ T6542] post_alloc_hook+0x1c0/0x230
[ 95.233003][ T6542] get_page_from_freelist+0x1321/0x3890
[ 95.234675][ T6542] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 95.236462][ T6542] alloc_pages_bulk_noprof+0x71c/0x1410
[ 95.238136][ T6542] __page_pool_alloc_pages_slow+0x193/0xc30
[ 95.239942][ T6542] page_pool_alloc_netmems+0xc4/0x190
[ 95.241553][ T6542] skb_pp_cow_data+0x7c0/0xff0
[ 95.242975][ T6542] skb_cow_data_for_xdp+0x88/0xb0
[ 95.244489][ T6542] do_xdp_generic+0x530/0x1320
[ 95.245969][ T6542] tun_get_user+0x1bc6/0x3b80
[ 95.247375][ T6542] tun_chr_write_iter+0xdc/0x210
[ 95.248916][ T6542] vfs_write+0x6c4/0x1150
[ 95.250250][ T6542] ksys_write+0x12a/0x250
[ 95.251553][ T6542] do_syscall_64+0xcd/0x4c0
[ 95.252968][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.254719][ T6542] page last free pid 28 tgid 28 stack trace:
[ 95.256609][ T6542] __free_frozen_pages+0x7fe/0x1180
[ 95.258273][ T6542] tlb_remove_table_rcu+0x116/0x1a0
[ 95.259906][ T6542] rcu_core+0x799/0x14e0
[ 95.261207][ T6542] handle_softirqs+0x219/0x8e0
[ 95.262646][ T6542] run_ksoftirqd+0x3a/0x60
[ 95.264009][ T6542] smpboot_thread_fn+0x3f7/0xae0
[ 95.265569][ T6542] kthread+0x3c5/0x780
[ 95.266819][ T6542] ret_from_fork+0x5d4/0x6f0
[ 95.268231][ T6542] ret_from_fork_asm+0x1a/0x30
[ 95.269707][ T6542] Modules linked in:
[ 95.270896][ T6542] CPU: 1 UID: 0 PID: 6542 Comm: syz.0.16 Tainted: G B 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(full)
[ 95.270912][ T6542] Tainted: [B]=BAD_PAGE
[ 95.270915][ T6542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 95.270922][ T6542] Call Trace:
[ 95.270926][ T6542]
[ 95.270930][ T6542] dump_stack_lvl+0x16c/0x1f0
[ 95.270949][ T6542] bad_page+0xcf/0x220
[ 95.270959][ T6542] ? __pfx_bad_page+0x10/0x10
[ 95.270969][ T6542] ? page_bad_reason+0x9d/0x1f0
[ 95.270980][ T6542] __free_frozen_pages+0x824/0x1180
[ 95.270994][ T6542] ? mark_held_locks+0x49/0x80
[ 95.271004][ T6542] page_frag_free+0x27f/0x2e0
[ 95.271014][ T6542] __xdp_return+0x38e/0xa90
[ 95.271030][ T6542] ? kmem_cache_free+0x2d1/0x4d0
[ 95.271050][ T6542] bpf_xdp_adjust_tail+0xa11/0xfd0
[ 95.271068][ T6542] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 95.271077][ T6542] bpf_prog_run_generic_xdp+0x626/0x1530
[ 95.271095][ T6542] do_xdp_generic+0x8e6/0x1320
[ 95.271110][ T6542] ? __pfx_do_xdp_generic+0x10/0x10
[ 95.271126][ T6542] ? virtio_net_hdr_to_skb+0x57c/0x1410
[ 95.271141][ T6542] tun_get_user+0x1bc6/0x3b80
[ 95.271154][ T6542] ? __pfx_tun_get_user+0x10/0x10
[ 95.271165][ T6542] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 95.271177][ T6542] ? find_held_lock+0x2b/0x80
[ 95.271190][ T6542] ? tun_get+0x191/0x370
[ 95.271200][ T6542] tun_chr_write_iter+0xdc/0x210
[ 95.271211][ T6542] vfs_write+0x6c4/0x1150
[ 95.271227][ T6542] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 95.271239][ T6542] ? __pfx_vfs_write+0x10/0x10
[ 95.271258][ T6542] ? find_held_lock+0x2b/0x80
[ 95.271273][ T6542] ksys_write+0x12a/0x250
[ 95.271288][ T6542] ? __pfx_ksys_write+0x10/0x10
[ 95.271304][ T6542] do_syscall_64+0xcd/0x4c0
[ 95.271316][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.271327][ T6542] RIP: 0033:0x7f475038bc1f
[ 95.271335][ T6542] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 95.271345][ T6542] RSP: 002b:00007f4751126000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 95.271355][ T6542] RAX: ffffffffffffffda RBX: 00007f47505a5fa0 RCX: 00007f475038bc1f
[ 95.271361][ T6542] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 95.271367][ T6542] RBP: 00007f475040e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 95.271373][ T6542] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 95.271379][ T6542] R13: 0000000000000000 R14: 00007f47505a5fa0 R15: 00007ffe596f8698
[ 95.271389][ T6542]
[ 95.271396][ T6542] BUG: Bad page state in process syz.0.16 pfn:34271
[ 95.350180][ T6542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34271
[ 95.352846][ T6542] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 95.355100][ T6542] raw: 00fff00000000000 dead000000000040 ffff888021b9b000 0000000000000000
[ 95.357683][ T6542] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 95.360369][ T6542] page dumped because: page_pool leak
[ 95.362001][ T6542] page_owner tracks the page as allocated
[ 95.363733][ T6542] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6542, tgid 6541 (syz.0.16), ts 93988460330, free_ts 93619081942
[ 95.368557][ T6542] post_alloc_hook+0x1c0/0x230
[ 95.370086][ T6542] get_page_from_freelist+0x1321/0x3890
[ 95.371763][ T6542] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 95.373575][ T6542] alloc_pages_bulk_noprof+0x71c/0x1410
[ 95.375294][ T6542] __page_pool_alloc_pages_slow+0x193/0xc30
[ 95.377072][ T6542] page_pool_alloc_netmems+0xc4/0x190
[ 95.378782][ T6542] skb_pp_cow_data+0x7c0/0xff0
[ 95.380245][ T6542] skb_cow_data_for_xdp+0x88/0xb0
[ 95.381781][ T6542] do_xdp_generic+0x530/0x1320
[ 95.383253][ T6542] tun_get_user+0x1bc6/0x3b80
[ 95.384665][ T6542] tun_chr_write_iter+0xdc/0x210
[ 95.386202][ T6542] vfs_write+0x6c4/0x1150
[ 95.387546][ T6542] ksys_write+0x12a/0x250
[ 95.389226][ T6542] do_syscall_64+0xcd/0x4c0
[ 95.390697][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.392479][ T6542] page last free pid 28 tgid 28 stack trace:
[ 95.394305][ T6542] __free_frozen_pages+0x7fe/0x1180
[ 95.395878][ T6542] tlb_remove_table_rcu+0x116/0x1a0
[ 95.397485][ T6542] rcu_core+0x799/0x14e0
[ 95.398833][ T6542] handle_softirqs+0x219/0x8e0
[ 95.400335][ T6542] run_ksoftirqd+0x3a/0x60
[ 95.401707][ T6542] smpboot_thread_fn+0x3f7/0xae0
[ 95.403296][ T6542] kthread+0x3c5/0x780
[ 95.404565][ T6542] ret_from_fork+0x5d4/0x6f0
[ 95.405998][ T6542] ret_from_fork_asm+0x1a/0x30
[ 95.407462][ T6542] Modules linked in:
[ 95.408782][ T6542] CPU: 1 UID: 0 PID: 6542 Comm: syz.0.16 Tainted: G B 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(full)
[ 95.408798][ T6542] Tainted: [B]=BAD_PAGE
[ 95.408802][ T6542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 95.408808][ T6542] Call Trace:
[ 95.408812][ T6542]
[ 95.408816][ T6542] dump_stack_lvl+0x16c/0x1f0
[ 95.408835][ T6542] bad_page+0xcf/0x220
[ 95.408846][ T6542] ? __pfx_bad_page+0x10/0x10
[ 95.408856][ T6542] ? page_bad_reason+0x9d/0x1f0
[ 95.408866][ T6542] __free_frozen_pages+0x824/0x1180
[ 95.408881][ T6542] ? mark_held_locks+0x49/0x80
[ 95.408891][ T6542] page_frag_free+0x27f/0x2e0
[ 95.408901][ T6542] __xdp_return+0x38e/0xa90
[ 95.408915][ T6542] ? kmem_cache_free+0x2d1/0x4d0
[ 95.408930][ T6542] bpf_xdp_adjust_tail+0xa11/0xfd0
[ 95.408946][ T6542] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 95.408954][ T6542] bpf_prog_run_generic_xdp+0x626/0x1530
[ 95.408972][ T6542] do_xdp_generic+0x8e6/0x1320
[ 95.408987][ T6542] ? __pfx_do_xdp_generic+0x10/0x10
[ 95.409003][ T6542] ? virtio_net_hdr_to_skb+0x57c/0x1410
[ 95.409018][ T6542] tun_get_user+0x1bc6/0x3b80
[ 95.409031][ T6542] ? __pfx_tun_get_user+0x10/0x10
[ 95.409042][ T6542] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 95.409076][ T6542] ? find_held_lock+0x2b/0x80
[ 95.409096][ T6542] ? tun_get+0x191/0x370
[ 95.409107][ T6542] tun_chr_write_iter+0xdc/0x210
[ 95.409118][ T6542] vfs_write+0x6c4/0x1150
[ 95.409134][ T6542] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 95.409145][ T6542] ? __pfx_vfs_write+0x10/0x10
[ 95.409160][ T6542] ? find_held_lock+0x2b/0x80
[ 95.409175][ T6542] ksys_write+0x12a/0x250
[ 95.409190][ T6542] ? __pfx_ksys_write+0x10/0x10
[ 95.409207][ T6542] do_syscall_64+0xcd/0x4c0
[ 95.409217][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.409228][ T6542] RIP: 0033:0x7f475038bc1f
[ 95.409237][ T6542] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 95.409251][ T6542] RSP: 002b:00007f4751126000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 95.409261][ T6542] RAX: ffffffffffffffda RBX: 00007f47505a5fa0 RCX: 00007f475038bc1f
[ 95.409268][ T6542] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 95.409274][ T6542] RBP: 00007f475040e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 95.409280][ T6542] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 95.409286][ T6542] R13: 0000000000000000 R14: 00007f47505a5fa0 R15: 00007ffe596f8698
[ 95.409295][ T6542]
[ 95.409303][ T6542] BUG: Bad page state in process syz.0.16 pfn:38165
[ 95.489382][ T6542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x38165
[ 95.492403][ T6542] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 95.494605][ T6542] raw: 00fff00000000000 dead000000000040 ffff888021b9b000 0000000000000000
[ 95.497309][ T6542] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000
[ 95.499896][ T6542] page dumped because: page_pool leak
[ 95.501502][ T6542] page_owner tracks the page as allocated
[ 95.503210][ T6542] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6542, tgid 6541 (syz.0.16), ts 93988453672, free_ts 93619099693
[ 95.508323][ T6542] post_alloc_hook+0x1c0/0x230
[ 95.509845][ T6542] get_page_from_freelist+0x1321/0x3890
[ 95.511546][ T6542] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 95.513374][ T6542] alloc_pages_bulk_noprof+0x71c/0x1410
[ 95.515069][ T6542] __page_pool_alloc_pages_slow+0x193/0xc30
[ 95.516864][ T6542] page_pool_alloc_netmems+0xc4/0x190
[ 95.518521][ T6542] skb_pp_cow_data+0x7c0/0xff0
[ 95.519977][ T6542] skb_cow_data_for_xdp+0x88/0xb0
[ 95.521542][ T6542] do_xdp_generic+0x530/0x1320
[ 95.523007][ T6542] tun_get_user+0x1bc6/0x3b80
[ 95.524485][ T6542] tun_chr_write_iter+0xdc/0x210
[ 95.526048][ T6542] vfs_write+0x6c4/0x1150
[ 95.527371][ T6542] ksys_write+0x12a/0x250
[ 95.528679][ T6542] do_syscall_64+0xcd/0x4c0
[ 95.530174][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.531959][ T6542] page last free pid 28 tgid 28 stack trace:
[ 95.533791][ T6542] __free_frozen_pages+0x7fe/0x1180
[ 95.535425][ T6542] tlb_remove_table_rcu+0x116/0x1a0
[ 95.537077][ T6542] rcu_core+0x799/0x14e0
[ 95.538763][ T6542] handle_softirqs+0x219/0x8e0
[ 95.540703][ T6542] run_ksoftirqd+0x3a/0x60
[ 95.542534][ T6542] smpboot_thread_fn+0x3f7/0xae0
[ 95.544560][ T6542] kthread+0x3c5/0x780
[ 95.546286][ T6542] ret_from_fork+0x5d4/0x6f0
[ 95.548141][ T6542] ret_from_fork_asm+0x1a/0x30
[ 95.550112][ T6542] Modules linked in:
[ 95.551665][ T6542] CPU: 1 UID: 0 PID: 6542 Comm: syz.0.16 Tainted: G B 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(full)
[ 95.551688][ T6542] Tainted: [B]=BAD_PAGE
[ 95.551694][ T6542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 95.551704][ T6542] Call Trace:
[ 95.551710][ T6542]
[ 95.551716][ T6542] dump_stack_lvl+0x16c/0x1f0
[ 95.551745][ T6542] bad_page+0xcf/0x220
[ 95.551762][ T6542] ? __pfx_bad_page+0x10/0x10
[ 95.551779][ T6542] ? page_bad_reason+0x9d/0x1f0
[ 95.551796][ T6542] __free_frozen_pages+0x824/0x1180
[ 95.551819][ T6542] ? mark_held_locks+0x49/0x80
[ 95.551834][ T6542] page_frag_free+0x27f/0x2e0
[ 95.551851][ T6542] __xdp_return+0x38e/0xa90
[ 95.551870][ T6542] ? kmem_cache_free+0x2d1/0x4d0
[ 95.551894][ T6542] bpf_xdp_adjust_tail+0xa11/0xfd0
[ 95.551919][ T6542] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 95.551932][ T6542] bpf_prog_run_generic_xdp+0x626/0x1530
[ 95.551961][ T6542] do_xdp_generic+0x8e6/0x1320
[ 95.551985][ T6542] ? __pfx_do_xdp_generic+0x10/0x10
[ 95.552008][ T6542] ? virtio_net_hdr_to_skb+0x57c/0x1410
[ 95.552033][ T6542] tun_get_user+0x1bc6/0x3b80
[ 95.552055][ T6542] ? __pfx_tun_get_user+0x10/0x10
[ 95.552072][ T6542] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 95.552092][ T6542] ? find_held_lock+0x2b/0x80
[ 95.552113][ T6542] ? tun_get+0x191/0x370
[ 95.552130][ T6542] tun_chr_write_iter+0xdc/0x210
[ 95.552148][ T6542] vfs_write+0x6c4/0x1150
[ 95.552172][ T6542] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 95.552190][ T6542] ? __pfx_vfs_write+0x10/0x10
[ 95.552211][ T6542] ? find_held_lock+0x2b/0x80
[ 95.552237][ T6542] ksys_write+0x12a/0x250
[ 95.552267][ T6542] ? __pfx_ksys_write+0x10/0x10
[ 95.552293][ T6542] do_syscall_64+0xcd/0x4c0
[ 95.552309][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.552326][ T6542] RIP: 0033:0x7f475038bc1f
[ 95.552339][ T6542] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 95.552355][ T6542] RSP: 002b:00007f4751126000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 95.552371][ T6542] RAX: ffffffffffffffda RBX: 00007f47505a5fa0 RCX: 00007f475038bc1f
[ 95.552382][ T6542] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 95.552391][ T6542] RBP: 00007f475040e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 95.552401][ T6542] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 95.552411][ T6542] R13: 0000000000000000 R14: 00007f47505a5fa0 R15: 00007ffe596f8698
[ 95.552426][ T6542]
[ 95.552436][ T6542] BUG: Bad page state in process syz.0.16 pfn:27095
[ 95.637853][ T6542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffff00000000 pfn:0x27095
[ 95.641768][ T6542] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 95.644541][ T6542] raw: 00fff00000000000 dead000000000040 ffff888021b9b000 0000000000000000
[ 95.647417][ T6542] raw: ffffffff00000000 0000000000000001 00000000ffffffff 0000000000000000
[ 95.650038][ T6542] page dumped because: page_pool leak
[ 95.651709][ T6542] page_owner tracks the page as allocated
[ 95.653451][ T6542] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6542, tgid 6541 (syz.0.16), ts 93988447096, free_ts 93619116927
[ 95.658385][ T6542] post_alloc_hook+0x1c0/0x230
[ 95.659835][ T6542] get_page_from_freelist+0x1321/0x3890
[ 95.661495][ T6542] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 95.663287][ T6542] alloc_pages_bulk_noprof+0x71c/0x1410
[ 95.664915][ T6542] __page_pool_alloc_pages_slow+0x193/0xc30
[ 95.666720][ T6542] page_pool_alloc_netmems+0xc4/0x190
[ 95.668383][ T6542] skb_pp_cow_data+0x7c0/0xff0
[ 95.669863][ T6542] skb_cow_data_for_xdp+0x88/0xb0
[ 95.671421][ T6542] do_xdp_generic+0x530/0x1320
[ 95.672888][ T6542] tun_get_user+0x1bc6/0x3b80
[ 95.674795][ T6542] tun_chr_write_iter+0xdc/0x210
[ 95.676584][ T6542] vfs_write+0x6c4/0x1150
[ 95.677951][ T6542] ksys_write+0x12a/0x250
[ 95.679304][ T6542] do_syscall_64+0xcd/0x4c0
[ 95.680706][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.682463][ T6542] page last free pid 28 tgid 28 stack trace:
[ 95.684238][ T6542] __free_frozen_pages+0x7fe/0x1180
[ 95.685871][ T6542] tlb_remove_table_rcu+0x116/0x1a0
[ 95.687398][ T6542] rcu_core+0x799/0x14e0
[ 95.688950][ T6542] handle_softirqs+0x219/0x8e0
[ 95.690490][ T6542] run_ksoftirqd+0x3a/0x60
[ 95.691887][ T6542] smpboot_thread_fn+0x3f7/0xae0
[ 95.693402][ T6542] kthread+0x3c5/0x780
[ 95.694609][ T6542] ret_from_fork+0x5d4/0x6f0
[ 95.696170][ T6542] ret_from_fork_asm+0x1a/0x30
[ 95.697623][ T6542] Modules linked in:
[ 95.698817][ T6542] CPU: 1 UID: 0 PID: 6542 Comm: syz.0.16 Tainted: G B 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(full)
[ 95.698834][ T6542] Tainted: [B]=BAD_PAGE
[ 95.698837][ T6542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 95.698844][ T6542] Call Trace:
[ 95.698848][ T6542]
[ 95.698852][ T6542] dump_stack_lvl+0x16c/0x1f0
[ 95.698871][ T6542] bad_page+0xcf/0x220
[ 95.698881][ T6542] ? __pfx_bad_page+0x10/0x10
[ 95.698891][ T6542] ? page_bad_reason+0x9d/0x1f0
[ 95.698901][ T6542] __free_frozen_pages+0x824/0x1180
[ 95.698916][ T6542] ? mark_held_locks+0x49/0x80
[ 95.698926][ T6542] page_frag_free+0x27f/0x2e0
[ 95.698936][ T6542] __xdp_return+0x38e/0xa90
[ 95.698948][ T6542] ? kmem_cache_free+0x2d1/0x4d0
[ 95.698964][ T6542] bpf_xdp_adjust_tail+0xa11/0xfd0
[ 95.698980][ T6542] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 95.698989][ T6542] bpf_prog_run_generic_xdp+0x626/0x1530
[ 95.699007][ T6542] do_xdp_generic+0x8e6/0x1320
[ 95.699022][ T6542] ? __pfx_do_xdp_generic+0x10/0x10
[ 95.699038][ T6542] ? virtio_net_hdr_to_skb+0x57c/0x1410
[ 95.699053][ T6542] tun_get_user+0x1bc6/0x3b80
[ 95.699066][ T6542] ? __pfx_tun_get_user+0x10/0x10
[ 95.699076][ T6542] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 95.699088][ T6542] ? find_held_lock+0x2b/0x80
[ 95.699101][ T6542] ? tun_get+0x191/0x370
[ 95.699111][ T6542] tun_chr_write_iter+0xdc/0x210
[ 95.699122][ T6542] vfs_write+0x6c4/0x1150
[ 95.699138][ T6542] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 95.699149][ T6542] ? __pfx_vfs_write+0x10/0x10
[ 95.699163][ T6542] ? find_held_lock+0x2b/0x80
[ 95.699179][ T6542] ksys_write+0x12a/0x250
[ 95.699194][ T6542] ? __pfx_ksys_write+0x10/0x10
[ 95.699210][ T6542] do_syscall_64+0xcd/0x4c0
[ 95.699221][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.699232][ T6542] RIP: 0033:0x7f475038bc1f
[ 95.699243][ T6542] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 95.699254][ T6542] RSP: 002b:00007f4751126000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 95.699263][ T6542] RAX: ffffffffffffffda RBX: 00007f47505a5fa0 RCX: 00007f475038bc1f
[ 95.699270][ T6542] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 95.699276][ T6542] RBP: 00007f475040e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 95.699282][ T6542] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 95.699288][ T6542] R13: 0000000000000000 R14: 00007f47505a5fa0 R15: 00007ffe596f8698
[ 95.699297][ T6542]
[ 95.745115][ T5314] Bluetooth: hci0: command tx timeout
[ 95.807956][ T6545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2abe1
[ 95.811527][ T6545] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 95.814380][ T6545] raw: 00fff00000000000 dead000000000040 ffff888021b9b000 0000000000000000
[ 95.817615][ T6545] raw: 0000000000000000 3fffffffffffffff 00000000ffffffff 0000000000000000
[ 95.820310][ T6545] page dumped because: VM_BUG_ON_PAGE(page_ref_count(page) == 0)
[ 95.822684][ T6545] page_owner tracks the page as allocated
[ 95.824491][ T6545] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 6542, tgid 6541 (syz.0.16), ts 93988519517, free_ts 93617238924
[ 95.829666][ T6545] post_alloc_hook+0x1c0/0x230
[ 95.831236][ T6545] get_page_from_freelist+0x1321/0x3890
[ 95.832968][ T6545] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 95.834877][ T6545] alloc_pages_bulk_noprof+0x71c/0x1410
[ 95.836697][ T6545] __page_pool_alloc_pages_slow+0x193/0xc30
[ 95.838586][ T6545] page_pool_alloc_netmems+0xc4/0x190
[ 95.840256][ T6545] page_pool_alloc_frag_netmem+0x219/0x9c0
[ 95.842147][ T6545] skb_pp_cow_data+0x584/0xff0
[ 95.843681][ T6545] skb_cow_data_for_xdp+0x88/0xb0
2025/07/19 21:38:24 executed programs: 3
[ 95.845363][ T6545] do_xdp_generic+0x530/0x1320
[ 95.847119][ T6545] tun_get_user+0x1bc6/0x3b80
[ 95.848968][ T6545] tun_chr_write_iter+0xdc/0x210
[ 95.850787][ T6545] vfs_write+0x6c4/0x1150
[ 95.852462][ T6545] ksys_write+0x12a/0x250
[ 95.854229][ T6545] do_syscall_64+0xcd/0x4c0
[ 95.856055][ T6545] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.858469][ T6545] page last free pid 28 tgid 28 stack trace:
[ 95.860861][ T6545] __free_frozen_pages+0x7fe/0x1180
[ 95.862983][ T6545] tlb_remove_table_rcu+0x116/0x1a0
[ 95.865147][ T6545] rcu_core+0x799/0x14e0
[ 95.866812][ T6545] handle_softirqs+0x219/0x8e0
[ 95.868604][ T6545] run_ksoftirqd+0x3a/0x60
[ 95.870125][ T6545] smpboot_thread_fn+0x3f7/0xae0
[ 95.871683][ T6545] kthread+0x3c5/0x780
[ 95.872982][ T6545] ret_from_fork+0x5d4/0x6f0
[ 95.874481][ T6545] ret_from_fork_asm+0x1a/0x30
[ 95.876127][ T6545] ------------[ cut here ]------------
[ 95.877899][ T6545] kernel BUG at ./include/linux/mm.h:1034!
[ 95.879900][ T6545] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[ 95.881974][ T6545] CPU: 1 UID: 0 PID: 6545 Comm: syz.0.17 Tainted: G B 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(full)
[ 95.886125][ T6545] Tainted: [B]=BAD_PAGE
[ 95.887535][ T6545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 95.891034][ T6545] RIP: 0010:page_frag_free+0x200/0x2e0
[ 95.892924][ T6545] Code: 24 ff e9 b8 fe ff ff e8 ee 2e a7 ff 49 8d 6d ff e9 aa fe ff ff e8 e0 2e a7 ff 48 c7 c6 a0 32 bc 8b 48 89 ef e8 61 eb ee ff 90 <0f> 0b e8 c9 2e a7 ff be 08 00 00 00 48 89 ef e8 7c 89 0c 00 48 89
[ 95.899121][ T6545] RSP: 0018:ffffc90003727758 EFLAGS: 00010293
[ 95.901093][ T6545] RAX: 0000000000000000 RBX: ffffea0000aaf874 RCX: ffffffff822cdba7
[ 95.903602][ T6545] RDX: ffff888031ef4880 RSI: ffffffff8214b9df RDI: ffff888031ef4cc4
[ 95.906076][ T6545] RBP: ffffea0000aaf840 R08: 0000000000000005 R09: 0000000000000000
[ 95.908715][ T6545] R10: 0000000000000000 R11: 6f72665f74657220 R12: 0000000000000000
[ 95.911262][ T6545] R13: dead000000000040 R14: 0000000000000000 R15: 000000000000000f
[ 95.913821][ T6545] FS: 00007f47511266c0(0000) GS:ffff8880d6820000(0000) knlGS:0000000000000000
[ 95.916558][ T6545] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 95.918669][ T6545] CR2: 0000200000010000 CR3: 000000003396c000 CR4: 0000000000352ef0
[ 95.921395][ T6545] Call Trace:
[ 95.922523][ T6545]
[ 95.923512][ T6545] __xdp_return+0x38e/0xa90
[ 95.925243][ T6545] ? kmem_cache_free+0x2d1/0x4d0
[ 95.927171][ T6545] bpf_xdp_adjust_tail+0xa11/0xfd0
[ 95.928971][ T6545] bpf_prog_f476d5219b92964a+0x1e/0x24
[ 95.930787][ T6545] bpf_prog_run_generic_xdp+0x626/0x1530
[ 95.932795][ T6545] do_xdp_generic+0x8e6/0x1320
[ 95.934345][ T6545] ? __pfx_do_xdp_generic+0x10/0x10
[ 95.935942][ T6545] ? __pfx__copy_from_iter+0x10/0x10
[ 95.937558][ T6545] ? virtio_net_hdr_to_skb+0x57c/0x1410
[ 95.939254][ T6545] tun_get_user+0x1bc6/0x3b80
[ 95.940824][ T6545] ? __pfx_tun_get_user+0x10/0x10
[ 95.942558][ T6545] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 95.944312][ T6545] ? tun_get+0x191/0x370
[ 95.945654][ T6545] ? rcu_is_watching+0x12/0xc0
[ 95.947130][ T6545] ? lock_release+0x201/0x2f0
[ 95.948708][ T6545] tun_chr_write_iter+0xdc/0x210
[ 95.950492][ T6545] vfs_write+0x6c4/0x1150
[ 95.952180][ T6545] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 95.954042][ T6545] ? __pfx_vfs_write+0x10/0x10
[ 95.955673][ T6545] ? lock_release+0x201/0x2f0
[ 95.956977][ T6545] ksys_write+0x12a/0x250
[ 95.958239][ T6545] ? __pfx_ksys_write+0x10/0x10
[ 95.960005][ T6545] do_syscall_64+0xcd/0x4c0
[ 95.961664][ T6545] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 95.963743][ T6545] RIP: 0033:0x7f475038bc1f
[ 95.965275][ T6545] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 95.971419][ T6545] RSP: 002b:00007f4751126000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 95.973763][ T6545] RAX: ffffffffffffffda RBX: 00007f47505a5fa0 RCX: 00007f475038bc1f
[ 95.976129][ T6545] RDX: 000000000000fdef RSI: 0000200000000a80 RDI: 00000000000000c8
[ 95.978740][ T6545] RBP: 00007f475040e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 95.981553][ T6545] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[ 95.984363][ T6545] R13: 0000000000000000 R14: 00007f47505a5fa0 R15: 00007ffe596f8698
[ 95.987432][ T6545]
[ 95.988618][ T6545] Modules linked in:
[ 95.990300][ T6545] ---[ end trace 0000000000000000 ]---
[ 95.992226][ T6545] RIP: 0010:page_frag_free+0x200/0x2e0
[ 95.993873][ T6545] Code: 24 ff e9 b8 fe ff ff e8 ee 2e a7 ff 49 8d 6d ff e9 aa fe ff ff e8 e0 2e a7 ff 48 c7 c6 a0 32 bc 8b 48 89 ef e8 61 eb ee ff 90 <0f> 0b e8 c9 2e a7 ff be 08 00 00 00 48 89 ef e8 7c 89 0c 00 48 89
[ 96.000330][ T6545] RSP: 0018:ffffc90003727758 EFLAGS: 00010293
[ 96.002529][ T6545] RAX: 0000000000000000 RBX: ffffea0000aaf874 RCX: ffffffff822cdba7
[ 96.005456][ T6545] RDX: ffff888031ef4880 RSI: ffffffff8214b9df RDI: ffff888031ef4cc4
[ 96.008238][ T6545] RBP: ffffea0000aaf840 R08: 0000000000000005 R09: 0000000000000000
[ 96.010818][ T6545] R10: 0000000000000000 R11: 6f72665f74657220 R12: 0000000000000000
[ 96.013715][ T6545] R13: dead000000000040 R14: 0000000000000000 R15: 000000000000000f
[ 96.016521][ T6545] FS: 00007f47511266c0(0000) GS:ffff8880d6820000(0000) knlGS:0000000000000000
[ 96.019207][ T6545] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 96.021456][ T6545] CR2: 0000200000010000 CR3: 000000003396c000 CR4: 0000000000352ef0
[ 96.024142][ T6545] Kernel panic - not syncing: Fatal exception in interrupt
[ 96.027163][ T6545] Kernel Offset: disabled
[ 96.028884][ T6545] Rebooting in 86400 seconds..